<?php session_start();?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<?php
if(isset($_SESSION['lang']))
    require_once "./language_files/resetPassword1_" . $_SESSION['lang'] . ".php";
else
    require_once "./language_files/resetPassword1_en.php";

require_once "functions.php";

//establish connection with database
if((!isset($_GET['code'])))
{
    echo "
    <form action='resetPassword1.php' method='POST'>
    " . $lang['enter'] . "<br><input type='text' name='email'/><p>
    <input type='submit' value='" . $lang['submit'] . "' name='submit'/></p> 
</form>"; //html for submit email

    if(isset($_POST['submit']))
    { //run when button is clicked and making sure that value is set and declared
        $email=mysql_real_escape_string($_POST['email']); //user submit his email in form

        $res=mysql_query("SELECT * FROM Member Where email = '$email'")
                or die(mysql_error());

        //select from table member where email that the user enters is the same to the email saved in the table
        $num=mysql_num_rows($res);
        //used to know the number of rows affected

        if($num != 0)
        { //if the email that the user enter is not empty which means we found it
            while($row=mysql_fetch_assoc($res))
            { //This function gets a row from the mysql_query() function and returns an array on success, or FALSE on failure or when there are no more rows
                $mydb_email=$row['email']; //email declared in the database equal to the row taken from mysql_querey

                if($email == $mydb_email)
                {
                    //if the email the user enters match the email in our database
                    //Email information
                    $code=rand(1000,100000); //generate a random number from 1000 to 100000 that will be sent with the link to the user
                    $header="From:omarkahil1@hotmail.com"; //header of the email form
                    $from="omarkahil1@hotmail.com";      //name or mail of the sender and here my name for purpuse of test which will be changed to the system email
                    $to=$mydb_email; //send to the email in our database that has been entered by the user
                    $subject="your new password"; //Subject or a title for the email
                    $body=" Please don't reply to this mail  
                Please click on the link below or copy it in your browser if you want to change your password
                http://localhost:1234/ConfO/resetPassword2.php?code=$code&email=$mydb_email"; //this is the link which will be sent to the user to his email to click on it
                    //message sent to the user in the mail provided by the auto generated code which linked to reset_password col in the database and the email submited is the same as the email in the database

                    mysql_query("Update member SET reset_password ='$code' WHERE email ='$email");

                    //update for table member that the auto genrated code will change the reset_password col when the email submited is the same as the mail in database

                    mail($to,$subject,$body,$header,$from);
                    //mail function to send email contain the header, from and to whom and the subject and the body

                    echo $lang['check'];

                    //message appear to the user to notify him to check his email for the email contain the link sent to him
                }
                else
                {

                    echo $lang['error_1']; //message appear to the user that he enterd a wrong email or that email is not matched the email in our database
                }
            }
        }
        else
        {
            echo $lang['error_2']; //message appear to the user that this email can not be found in our database
        }
    }
}
?>